On 9/17/24 12:27 PM, bd730c5053df9efb via Users wrote:
Hi! Thanks for the reply and I'm sorry if my question wasn't clear enough.
I have a network, let's say 192.168.0.0/24, and two servers 192.168.0.1
and 192.168.0.2. On this same network I have a workstation, let's call it
192.168.0.100 which is running libvirt using qemu for the emulation.
This workstation has a network device called br0 which has the ip
address 192.168.0.100 and when I try to create an isolated network which
is also on the 192.168.0.0/24 range I get an error stating that this
range is already in use on the host. I need to be able to recreate an
absolutely isolated network in the 192.168.0.0/24 range to be able to
copy the servers 192.168.0.1 and 192.168.0.2 in here and perform the
tests I need.
I hope I've been able to clarify.
Yep! That was one of my guesses, but I didn't want to assume anything :-).
The most straightforward solution to what you're talking about requires
the libvirt network to be in a separate network namespace. This is an
idea I've thought about in the past, but haven't done anything for it,
and nobody else has either, so it's unfortunately not supported by
libvirt (as always, patches welcome :-)
Although... if the tests you need to perform involve having your
workstation (192.168.0.100 in your example) interact with the servers at
192.168.0.1 & .2, then you're going to have to disconnect your
workstation from the physical network for the duration of the test anyway.
So here's a solution if those are the parameters (and even if you just
need the two servers to communicate with each other and nothing else):
If it's just the two test servers and the workstation that need to be
able to interact during your test, and the workstation won't need to
directly contact any other machine on the 192.168.0.0/24 network, then
you could probably rig up a solution with a small consumer router - just
insert the router in between the workstation and the *real*
192.168.0.0/24 network with the "internet" side towards that network and
the "local" side plugged into the workstation, with the router
configured to do NAT and use a local-side subnet of, say,
192.168.1.0/24, and get a new IP address for the workstation from that
subnet (either automatically with DHCP, or by manually setting it to,
e.g. 192.168.1.100/24). Then create an isolated network similar to this:
https://www.libvirt.org/formatnetwork.html#isolated-network-config
but with the ip address set to 192.168.0.100. Now you can configure your
test servers to connect their interface to this isolated network.
With this setup, the workstation will still be able to get to the
internet (except for the *real* 192.168.0.0/24 subnet) via its
connection to the router, and also will be able to interact with the
test servers via the isolated network that you created.
When you're done with your tests, just shut down the two test VMs (with
their own internal shutdown command, possibly followed by "virsh
destroy" if the qemu processes aren't automatically terminated by the
shutdown) then "virsh net-destroy" the isolated network (you can leave
it defined so that it's simple to do the test again later), and plug the
workstation directly into the real network again (updating its IP
address if necessary).
Does that make sense, or is it too much rambling?
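
The setup and teardown described in the reply above, as an added example that is not part of the original thread or libvirt's own code. The network name `isolated-test` and bridge name `virbr-test` are assumptions; the addresses are the ones used in the thread.

```shell
#!/bin/sh
# Added example. NET_NAME and NET_BRIDGE are assumed names; the address is
# the one from the thread.
NET_NAME="isolated-test"
NET_BRIDGE="virbr-test"
HOST_IP="192.168.0.100"
NETMASK="255.255.255.0"

# Print the network definition. With no <forward> element libvirt creates an
# isolated network: guests reach each other and the host, nothing else.
# No <dhcp> block, since the copied servers keep their static .1 and .2.
network_xml() {
    cat <<EOF
<network>
  <name>${NET_NAME}</name>
  <bridge name="${NET_BRIDGE}"/>
  <ip address="${HOST_IP}" netmask="${NETMASK}"/>
</network>
EOF
}

# Succeeds if the route table on stdin (`ip -4 route show` output) still has
# a route for prefix $1. Exact-prefix match only.
subnet_in_use() {
    awk -v p="$1" '$1 == p { found = 1 } END { exit !found }'
}

# Define and start the network once the workstation is off the real subnet.
setup_network() {
    if ip -4 route show | subnet_in_use "192.168.0.0/24"; then
        echo "host still has a route for 192.168.0.0/24; move it first" >&2
        return 1
    fi
    xml=$(mktemp) || return 1
    network_xml > "$xml"
    virsh net-define "$xml" && virsh net-start "$NET_NAME"
    rc=$?
    rm -f "$xml"
    return "$rc"
}

# Stop the network but leave it defined for the next test run.
teardown_network() {
    virsh net-destroy "$NET_NAME"
}
```

Call `setup_network` after the workstation has its 192.168.1.0/24 address from the router, and `teardown_network` after the test VMs are shut down. Each test VM's interface then uses `<source network='isolated-test'/>` in its domain XML.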